CompliancePoint
Compliance Pointers
An in-depth look into the latest news, trends, and challenges surrounding information security, privacy, and marketing compliance. Visit CompliancePoint.com to learn more about our suite of risk management and compliance services.
Where to listen?
Podcasts in the app Replaio Radio Coming soonPodcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts
Episodes
S3 E6: Using AI in Security and Compliance Assessments 12.02.2025 19:44
How can your organization use AI to streamline security and compliance assessments? Brandon Breslin has answers in this week’s Compliance Pointers episode. Listen to learn: 🤖 How AI is being used in assessments 🤖 The benefits of AI 🤖 The risks of AI and how to manage those risks 🤖 What does the future hold? Learn more about CompliancePoint's InfoSec Certifications services at https://www.compl...
S3 E5: Protecting Your Business From Professional Plaintiffs 05.02.2025 20:36
S3 E5: Protecting Your Business From Professional Plaintiffs
S3 E4: Building a Third-party Risk Management Program 29.01.2025 28:12
Your cybersecurity risk increases when your organization shares data or IT infrastructure with third-party vendors. In this episode of Compliance Pointers, Stephen Haley teaches us about the key components of a Third-party Risk Management Program. Listen to the entire episode and learn about: ⚠️ The core components of a Third-party Risk Management program ⚠️ Assessing Your Vendors ⚠️ Getting your...
S3 E3: Telemarketing Regulations: What to Expect in 2025 22.01.2025 21:24
In this episode of Compliance Pointers, Tony Jarnigan explores how telemarketing regulations could evolve in 2025. Click the link in the comments to listen to the entire to learn about: ☎️ The Trump administration's impact on telemarketing ☎️ Where does one-to-one consent stand ☎️ Consent revocation changes ☎️ Verbal consent ☎️ Automated dialing under the #TCPA and state laws Learn more about Comp...
S3 E2: Proposed HIPAA Security Rule Updates 15.01.2025 19:47
In this episode of Compliance Pointers, Carol Amick breaks down the proposed HIPAA Security Rule updates. Click the link in the comments to listen to the entire episode and learn about: 🩺 The major proposed changes 🩺 Enforcement expectations 🩺 Actions for #healthcare organizations to take now 🩺 How the incoming administration could impact the new rules Learn more about CompliancePoint's HIPAA...
S3 E1: PCI and SOC 2 Combined Audits 08.01.2025 19:30
In the first episode of Compliance Pointers in 2025, Brandon Breslin dives into combined PCI and SOC 2 audits. There’s a lot of valuable info for organizations that need to demonstrate #compliance with both #cybersecurity standards. Listen to the entire episode and learn: 🔎 The benefits of combined audits 🔎 How to ensure your combined audits are successful 🔎 Leveraging a #GRC tool 🔎 Remediatio...
S2 E37: Privacy Regulations: 2024 Review and 2025 Preview 18.12.2024 29:00
The privacy regulations landscape is constantly evolving. In this episode of CompliancePointers, Matt Dumiak reviews the significant events of 2024 and the potential changes we could see in 2025 that will impact your privacy compliance efforts, including: State privacy laws that went into effect in 2024, and those scheduled for 2025 Enforcement trends Potential CCPA amendments The emphasis on cook...
S2 E36: The Impact of One-to-one Consent on Outbound Calling 13.11.2024 28:50
The FCC one-to-one consent rule is a significant change in the telemarketing space that takes effect in January. Jason Shatzkamer, CEO of OutboundIQ, joined Compliance Pointers to discuss how the rule change will impact outbound calling efforts. Listen to the entire episode to learn about: 📞 How the industry is responding 📞 The resulting lead-generation trends 📞 The impact on call centers 📞 St...
S2 E35: CMMC is Finalized, What Comes Next? 06.11.2024 22:19
CMMC is finalized. In this episode of Compliance Pointers, Chris Abacon discusses the next steps for organizations looking to get certified. Listen to the entire episode to learn about: 💻 Where DFARS stands 💻 The phases of the CMMC rollout 💻 Certification steps To learn more about CompliancePoint's CMMC certification services visit https://www.compliancepoint.com/services/federal-cybersecurity-...
S2 E34: Getting Ahead of PCI DSS 4.0 Future-dated Requirements 23.10.2024 21:17
PCI DSS v4.0 includes many requirements that are future-dated for March 31, 2025. In this episode of Compliance Pointers, Brandon Breslin explains how organizations can meet these requirements before the deadline that is quickly approaching. Listen to the entire episode to learn more about: 💳 The most critical PCI future-dated requirements including user access reviews, internal authentication sc...
S2 E33: Deciding Between SOC 2 and HITRUST 16.10.2024 16:00
What cybersecurity framework makes more sense for small and mid-sized businesses, SOC 2 or HITRUST? In this episode of Compliance Pointers, Brooke Gardner helps answer that question. Listen to the entire episode to learn: ⚖️ The benefits of SOC 2 ⚖️ The benefits of HITRUST ⚖️ How the scopes compare ⚖️ Market recognition for both standards ⚖️ The different certification processes ⚖️ The cost and ti...
S2 E32: AI and Compliance with Privacy Regulations and the TCPA 09.10.2024 15:33
Patagonia is facing a lawsuit stemming from the use of AI tools in its customer service operations. In this episode of Compliance Pointers, Kara Urbaniak breaks down what businesses, especially those that use telemarketing, can take away from this case. Listen to the entire episode to learn about: ✅ The Patagonia allegations ✅ Other companies facing AI legal troubles ✅ The relevant laws already...
S2 E31: Why ISO Makes Sense Even Without a Customer Requirement 02.10.2024 30:19
In this episode of Compliance Pointers, David Forman from Mastermind joins us to share some of his ISO expertise. David explains why complying with frameworks like ISO 27001, ISO 27701, and ISO 42001 can be a good move for businesses, even if they don’t have a customer requirement or may never seek formal certification. Listen to the entire episode to learn about: · Leveraging ISO as a baseline fo...
S2 E30: Common HIPAA Privacy Rule Mistakes 25.09.2024 20:58
HIPAA is comprised of the Security Rule, Privacy Rule, and Breach Notification Rule. In this episode of Compliance Points, Carol Amick shares the most common Privacy Rule mistakes she sees healthcare organizations make. She also discusses how your organization can avoid those mistakes. Listen to learn about: ⚕️ Website privacy notices for health data ⚕️ Updating privacy policies and procedures ⚕️...
S2 E29: Website Privacy Functions and Controls 18.09.2024 25:36
The Office of the New York State Attorney General conducted an investigation to discover if website privacy functions and controls were operating properly. In this episode of Compliance Pointers, Matt Dumiak explores the results of the investigation and what businesses can do to ensure their cookies and other online tracking tools are compliant with all applicable laws. Listen to learn: 🍪 Common...
S2 E28: The Value of Compliance Orchestration 11.09.2024 21:31
In this episode of Compliance Pointers, Brandon Breslin explains why organizations should consider breaking away from the point-in-time audit routine and utilize a compliance orchestration strategy. This method can end the audit crunch and streamline the compliance process for PCI DSS, SOC 2, ISO 27001, and other frameworks. Listen to learn: ⏱️ Compliance orchestration: what and why ⏱️ The benefit...
S2 E27: Consent Revocation Rules and Best Practices 04.09.2024 20:23
Honoring consent revocations or opt-outs is a key component of TCPA compliance. In this episode of Compliance Pointers, Tony Jarnigan breaks down how revocation rules are evolving. Take a listen to learn about: 📵 Acceptable opt-out methods 📵 How much time businesses have to honor requests 📵 Recent court cases 📵 Honoring consent revocation best practices Learn more about CompliancePoint's marke...
S2 E26: Risk and Data Stewardship Throughout the Business Life Cycle 21.08.2024 26:09
As a business grows, its cybersecurity program and data stewardship strategies need to keep pace. In this episode of Compliance Pointers, Greg Sparrow explores how risk management priorities will evolve throughout the business life cycle. Take a listen to learn about: · Risk management concerns for startups · When to start thinking about InfoSec certifications · Building a security program that sc...
S2 E25: Data Stewardship for Venture Capital and Private Equity Firms 14.08.2024 18:08
CompliancePoint President Greg Sparrow is the guest on this episode of Compliance Pointers. Greg explains the importance of data stewardship for venture capital and private equity firms. A link to the complete episode is in the comments. Listen to learn: · What data stewardship entails and why it’s important to a company’s success · How data stewardship evolves throughout a business’s lifecycle Le...
S2 E24: Geopolitical Ransomware - The Growing Threat and Defense Strategies 07.08.2024 42:46
In this episode of Compliance Pointers, Steve Hahn from BullWall and Steve Haley from CompliancePoint take an in-depth look into geopolitical ransomware. They detail how the cybersecurity threat from Russia has grown since the start of the war in Ukraine. Be sure to listen for a breakdown of: · How ransomware has evolved · The motivation beyond money · Attack patterns · The industries most often t...
S2 E23: Compliance Pointers is Taking a Short Summer Break 03.07.2024 1:50
Compliance Pointers is taking a short summer break. We'll be back in August with new episodes. Be sure to catch up on recent episodes until then. To learn more about CPX24 visit: https://info.compliancepoint.com/cpx Learn more about CompliancePoint at: https://www.compliancepoint.com/
S2 E22: Where are all the ISO 42001 Certificates Part 2 19.06.2024 24:42
In this episode of Compliance Pointers, we conclude our conversation on ISO 42001, the new standard for Artificial Intelligence Management System. David Forman from Mastermind provides valuable information for organizations planning to become ISO 42001 certified. Listen to the entire episode to learn a certification body’s viewpoint covering: ✔️ What you should be doing now to prepare for certific...
S2 E21: Where are all the ISO 42001 Certificates Part 1 12.06.2024 27:55
In this episode of Compliance Pointer, David Forman from Mastermind joins us to talk ISO 42001, a new Artificial Intelligence Management System. Listen to part 1 of our conversation to learn about: · ISO 42001 essentials · How ISO 42001 compares to other #ISO standards, such as ISO 27001 · AI System Impact Assessments · When to expect auditors to become accredited to issue these certificates Learn...
S2 E20: ISO 27001: 2022 Common Challenges and Solutions 05.06.2024 17:08
Organizations that hold an ISO 27001 certification need to transition to the new 2022 version by October 2025. One of our ISO practitioners breaks down the common challenges businesses will face in the transition and how to overcome them. Take a listen to learn: · The transition timeline · Common challenges · Transition strategies · Can this be done internally? · How long to expect the transition...
S2 E19: State-level TCPAs: The Requirements and Risks 22.05.2024 24:45
State laws that mimic the TCPA are typically more restrictive than the federal law, creating more risk for telemarketing organizations. In this episode of Compliance Pointers, two highly experienced marketing compliance consultants break down the state-level telemarketing regulations, including: · The importance of express written consent · Common requirements throughout the states · The risks of...
Similar podcasts
Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.